Russian hackers tap Windows flaw to hit NATO, Ukraine

From the Cnet.com Article by Charlie Osborne

Security firm iSight says the “Sandworm” team has targeted NATO, the European Union, Ukraine and industry through a previously unrecognized Windows zero-day exploit.

Russian hackers have exploited a bug in Microsoft’s Windows operating system in order to target computers used by NATO, the European Union, Ukraine and the telecommunications and energy sectors, according to security firm iSight.

In a blog post Tuesday, Dallas-based iSight, in collaboration with Microsoft, said the zero-day vulnerability impacts all supported versions of Microsoft Windows and Windows Server 2008 and 2012. The software giant is readying a patch for the CVE-2014-4114 vulnerability, used for the “Sandworm” cyberattack.

The automatic fix will be part of today’s Patch Tuesday release.

The exploit has been used as part of a five-year cyberespionage campaign, according to iSight. The hackers, dubbed the “Sandworm team” — based on coded references to the science fiction series “Dune” — have been monitored by iSight from late 2013 to the present day, although the campaign appears to have been in action since 2009. Spear phishing with malicious files attached is one of the favored methods of infiltrating computer systems, and other exploit methods include the use of BlackEnergy crimeware, as well as Microsoft’s Windows zero-day flaw.

The Windows CVE-2014-4114 vulnerability has been in use since August last year, mainly through weaponized PowerPoint documents.

iSight says that the team previously launched campaigns targeting the US and EU intelligence communities, military establishments, news organizations and defense contractors — as well as jihadists and rebels in Chechnya. However, focus has turned towards the Ukrainian conflict with Russia, energy industries and political issues concerning Russia based on evidence gleaned from phishing emails.

The cybersecurity experts do not know what data has been lifted throughout the Sandworm campaign, however, “the use of this zero-day vulnerability virtually guarantees that all of those entities targeted fell victim to some degree.”

The security team notified government agencies and private sector companies that have been targeted, and began working with Microsoft to patch the zero-day vulnerability, which allows the remote execution of arbitrary code. iSight says:

“Although the vulnerability impacts all versions of Microsoft Windows — having the potential to impact an enormous user population — from our tracking it appears that its existence was little known and the exploitation was reserved to the Sandworm team.”

By disclosing the security flaw on the eve of Patch Tuesday, iSight believes that the possibility of other hacking teams exploiting the zero-day vulnerability has been minimized.

 

 


Critical USB Hack Goes Public; How Bad Is The Risk?

From Newsy.com’s Matt Pitch

Because we just didn’t have enough tech security problems to worry about, computer science researchers have just published a potentially catastrophic security exploit. It’s ubiquitous, it’s nearly impossible to fix, and it’s all thanks to these little devices.

The problem first came to light several months ago, when a pair of researchers, Karsten Nohl and Jakob Lell, unveiled BadUSB, a way to transform common USB devices into malware-laden attack vectors which could hijack any computer they were attached to.

The firmware-based exploit involves altering the very nature of how a USB device communicates with a computer — which meant traditional malware detectors wouldn’t pick up on the attacks, and countering the threat would be nearly impossible. (Video via Vimeo / Offensive Security)

When they first revealed BadUSB, the hackers declined to reveal how they made the malware, citing security reasons. But another pair of researchers has now reverse-engineered the hack — and they’ve opened up their work to the public.

Adam Caudill and Brandon Wilson have made some of the code behind their version of BadUSB freely available on GitHub. The hackers say they’re publishing their work so the community can come up with a solution.

ADAM CAUDILL VIA YOUTUBE / ADRIAN CRENSHAW: “If you’re going to say something, if you’re going to prove that there’s a flaw, you need to release the material so people can defend against it.”

But The Verge notes a fix is likely to require “a full update to the USB standard itself, which means years of insecurity. However the industry responds, we’re likely to be living with it for a long, long time.”

It’s also possible we’ve already been living with this problem: BadUSB looks a bit like COTTONMOUTH, a National Security Agency product revealed during the Snowden leaks which hijacks USB devices.

Now that the instructions for building BadUSB attacks are out in the wild, it’s possible malicious hackers could start building these types of attacks. So, should we freak out?

In a blog post, Caudill stated his release is just a harmless demo, and doesn’t contain anything that might enable malware. “The kind of people that have what it takes to do this, could do it regardless of our release. … I firmly believe that by releasing this code, the risk to the average user isn’t increased at all.”

And Mashable notes there are a few basic ways to guard against BadUSB attacks — for one thing, don’t let suspicious or untrusted USB sticks anywhere near your computer. It’s also possible to lock USB port use on Windows systems, or to restrict it using endpoint security software.

Boing Boing’s Cory Doctorow has a slightly more apocryphal bit of advice — apparently, someone with high-level connections to the U.S. intelligence community told Doctorow “the spooks he worked with would only trust USB thumb-drives from one vendor, a U.S.-based firm that had been vetted by American spies.”

So, y’know, if you can find that vendor, you should be safe from most black-hat USB attacks! Until then, it’s probably better to not put anything in your computer if you don’t know where it’s been.


Hacker Breached HealthCare.gov Insurance Site

Before you panic at the headline, rest assured: “The Hacker Uploaded Malicious Software, But Consumers’ Personal Data Didn’t Appear to Be Taken”

From The Wall Street Journal’s Danny Yadron, reposted by Yahoo Finance HERE.

A hacker broke into part of the HealthCare.gov insurance enrollment website in July and uploaded malicious software, according to federal officials.

Investigators found no evidence that consumers’ personal data was taken in the breach, federal officials said. The hacker appears only to have accessed a server used to test code for HealthCare.gov. The Department of Health and Human Services discovered the attack last week.

An HHS official said the attack appears to mark the first successful intrusion into the website, where millions of Americans bought insurance starting last year under the Affordable Care Act. It raised concerns among federal officials because of how easily the intruder gained access and how much damage could have occurred.

“Our review indicates that the server did not contain consumer personal information; data was not transmitted outside the agency, and the website was not specifically targeted,” the Department of Health and Human Services said in a written statement. “We have taken measures to further strengthen security.”

The attack comes as the federal government and insurance companies prepare for open enrollment, which begins Nov. 15. It is likely to be seized on by Republican lawmakers, who oppose the law, in fall campaigns as another sign of the health law’s flaws. HealthCare.gov suffered from crippling technology problems when it launched in October, though the government has since improved the site.

Taken with recent data thefts from J.P. Morgan Chase & Co., Home Depot Inc., and celebrities’ iPhones, the HealthCare.gov hack further underscores that large organizations haven’t yet mastered how to secure the troves of data they collect from consumers.

The White House and Congressional staff have been briefed on the matter, officials said. The Department of Homeland Security, Federal Bureau of Investigation and National Security Agency have aided the investigation, which is active. The FBI traced the attack to several Internet addresses—some overseas—but doesn’t think it is the work of a state-backed actor, officials said.

“There is no indication that any data was compromised at this time,” DHS spokesman S.Y. Lee said in a written statement. “DHS will continue to monitor the situation and help develop and implement precautionary mitigation strategies as necessary.”

As an insurance enrollment portal, HealthCare.gov stores deeply personal details on Americans, including Social Security numbers, financial data and names of family members. None of that appeared to gain the still unknown hacker’s interest, officials said.

Rather, investigators found that in July, the intruder did just one thing: install malware on a HealthCare.gov server so it could be used in future cyberattacks against other websites, federal officials said. Hackers often take over troves of computers and servers to direct mischief traffic at websites. The rush of traffic, known as a denial of service attack, overwhelms the site and knocks it offline.

Such types of cyberattacks are considered a nuisance and, if discovered at a private company, it is likely the firm wouldn’t disclose the incident, cybersecurity attorneys have said.

“If this happened anywhere other than HealthCare.gov, it wouldn’t be news,” a senior DHS official said.

Investigators found that the hacker was scanning both federal and private websites for a certain type of server that the person would then hack. This suggests the hacker wasn’t targeting the health-care website, the official said.

Washington officials said they are concerned that an intruder gained access to the HealthCare.gov network through a basic security flaw. The server accessed had such low security settings because it was never meant to be connected to the Internet, the HHS official said. When the hacker broke in, it was only guarded by a default password, which often is easy to crack.

“There was a door left open,” the official said.

The department discovered the break-in weeks later on Aug. 25 during a daily security scan. Buried amid lines of computer log files was data showing the test server had been contacted by the outside Internet, which wasn’t supposed to happen.

HHS said it has taken cybersecurity seriously since launching HealthCare.gov nearly a year ago. The site undergoes quarterly security audits from Blue Canopy Group LLC, a private security company in Reston, Va. It also undergoes daily security scans and drill hacking exercises.

Lawmakers first raised security concerns about the website when it launched. At the time, then-Secretary of Health and Human Services Kathleen Sebelius said the department had a plan in the event of a security breach. Other hacking attempts reportedly have been made but none appear to have been successful before this.


Home Depot Investigating Potentially Massive Credit Card Breach

Have you been shopping at the Home Depot? If so, chances are your credit card has been compromised. Details are just starting to come out, but it appears that Home Depot, like Target, has become an unknowing/unwilling victim of yet another credit card grab cyber attack. Keep reading below to find out more.

Here’s Home Depot’s official comment on the matter: “At this point, I can confirm that we’re looking into some unusual activity and we are working with our banking partners and law enforcement to investigate. Protecting our customers’ information is something we take extremely seriously, and we are aggressively gathering facts at this point while working to protect customers. If we confirm that a breach has occurred, we will make sure customers are notified immediately. Right now, for security reasons, it would be inappropriate for us to speculate further. We will provide further information as soon as possible.”

Originally Posted at Techcrunch.com by Greg Kumparak (@grg)

Did you just get your credit card replaced after the Great Target Fiasco of 2013?

Don’t get too used to that new card. It’s starting to look like it’s that time again.

Home Depot has confirmed that it’s investigating some “unusual activity” with regards to its customer data, and the consistently spot-on Brian Krebs is saying that it’s a credit card breach. According to Krebs, two “massive” batches of cards appeared on a credit card number seller site early this morning.

It’s unclear just how long the breach was in play — but Krebs’s early analysis of the credit card data suggests that its tentacles reached into the majority of Home Depot’s 2,200 stores, possibly going as far back as April of this year.

So in other words: if you’ve used a credit card at Home Depot pretty much any time this year, it might be a good time to hop on the phone with your bank.

Home Depot’s stock dropped by over 2.5 percent with the news.

 


Apple Investigating Reports of iCloud Vulnerabilities: Probe Comes After Celebrities’ Accounts Were Hacked, Nude Photos Published

From the Wall Street Journal’s Daisuke Wakabayashi

Initial media reports suggested that the hacks stemmed from individual accounts on iCloud, an online service to store photos, music and other data from Apple devices.

“We take user privacy very seriously and are actively investigating this report,” Apple spokeswoman Nat Kerris said in a statement.

A posting on online code-sharing site GitHub said a user had discovered a bug in Apple’s Find My iPhone service, which tracks the location of a missing phone and allows a user to disable the phone remotely if it is stolen. The bug allowed a hacker to keep trying passwords until identifying the right one.

Most online services lock down an account after multiple incorrect password attempts to prevent this type of so-called “brute force” attack.


The GitHub post was updated on Monday to read: “The end of fun, Apple have just patched.”

Rich Mogull, chief executive of security research and advisory firm Securosis, said it is plausible that hackers exploited that vulnerability. “We don’t know for sure, but it’s very possible that those are related,” he said.

He also said it seems more likely that the hackers broke in through the individual accounts of the celebrities versus breaking Apple’s system. “I would be shocked Apple itself was hacked,” said Mr. Mogull.

Actress Jennifer Lawrence and model Kate Upton were identified as possible victims. Another actress, Mary E. Winstead, said on Twitter that the hackers grabbed photos she took with her husband last year in their home and that she had since deleted. “I can only imagine the creepy effort that went into this,” she wrote on her verified Twitter account. Actress and singer Victoria Justice said from her Twitter account that the supposed nude photos of her were fake.


JPMorgan and other US banks reportedly hit by cyberattack

From Engadget.com’s Article by Edgar Alvarez (@abcdedgar) Posted 8/28/2014

A Bloomberg report claims that JPMorgan Chase and “at least” four more banks in the US have been victims of a virtual attack from hackers. The data gathered from the breach could reportedly “be used to drain accounts,” according to two Bloomberg sources who have been briefed on the situation by the US government. At the moment, it is unknown which other banks were affected by this, but the FBI has already opened an investigation and is currently working to find out more details. “[We are] working with the United States Secret Service to determine the scope of recently reported cyberattacks against several American financial institutions,” said the FBI in a statement. Meanwhile, a different report from CNN Money notes that seven of the “top” 15 banks were on the wrong end of these attacks, per people familiar with the matter — though such information has not been corroborated by US officials.

“Companies our size unfortunately experience cyberattacks nearly every day. We have multiple layers of defense to counteract any threats and constantly monitor fraud levels,” explained a JPMorgan spokesperson, adding that the bank hasn’t yet detected any sort of unusual fraud activity. Regardless, there are still a lot of unanswered questions right now, but we’ll keep you updated as additional details come to light.

 


Heartbleed Bleeds Out 4.5 Million US Patients Information to Chinese Hackers

So unless you have been living under a rock for the last few days, you may have heard that Community Health Systems were hacked by attacks originating from China, according to CHS, and the information stolen includes the following: Names, Addresses, Telephone Numbers, Date of Birth, and Social Security Numbers. CHS does not believe that the hackers were attempting to exploit the personal data, as the group they believe is responsible has typically been after medical equipment data. CHS further noted that both credit card numbers and clinical data were left untouched during the attacks. More than 206 hospitals that span 29 states are now in the process of notifying patients who were part of the breach.

So how did this happen, you might be wondering? According to security firm TrustedSec, the data was poached via the now world infamous Heartbleed vulnerability. Of course, CHS hasn’t confirmed this yet, and TrustedSec’s founder David Kennedy has stated he learned of the compromise method from 3 unnamed insiders who have chosen to remain anonymous.

For the Original Source and more information read the full Reuters article HERE


Russian Hackers Amass Over a Billion Internet Passwords

Excerpt from the NYTIMES.COM’s article by Nicole Perlroth and David Gelles August 5, 2014
Click HERE to read the full Article.

A Russian crime ring has amassed the largest known collection of stolen Internet credentials, including 1.2 billion user name and password combinations and more than 500 million email addresses, security researchers say.

The records, discovered by Hold Security, a firm in Milwaukee, include confidential material gathered from 420,000 websites, including household names, and small Internet sites. Hold Security has a history of uncovering significant hacks, including the theft last year of tens of millions of records from Adobe Systems.

Hold Security would not name the victims, citing nondisclosure agreements and a reluctance to name companies whose sites remained vulnerable. At the request of The New York Times, a security expert not affiliated with Hold Security analyzed the database of stolen credentials and confirmed it was authentic. Another computer crime expert who had reviewed the data, but was not allowed to discuss it publicly, said some big companies were aware that their records were among the stolen information.

“Hackers did not just target U.S. companies, they targeted any website they could get, ranging from Fortune 500 companies to very small websites,” said Alex Holden, the founder and chief information security officer of Hold Security. “And most of these sites are still vulnerable.”

 

USB Ports Could Compromise Your Computer

You may want to think twice before sharing those flash drives with someone. New research shows the USB port on your computer can be directly used to steal your information or infect your computer. The news comes to us from a team of German researchers who found that anything connected via USB can be reprogrammed to do real damage to your data. What kind of damage? Let’s say you use someone else’s flash drive and plug it into your USB port. It can be used to take control of your laptop. It can also pose as a network card, and reroute your Internet use so someone can spy on what you are doing. That opens you up to identity theft, bank fraud and extortion. The researchers from S.R. Labs in Germany discovered the problem and say it can also happen if someone charges their Android device using your computer’s USB port. So for now, you might want to go against the advice we tell all our kids; no sharing, at least when it comes to flash drives and smartphone charging on your computer.


Moneypak Strikes Again

Moneypak Strikes Again! Android Users Impacted.

Recently the Moneypak malware made the jump from Microsoft Windows to Google’s Android operating system. Unlike Windows, which has an abundance of apps designed to remove this common nuisance, there aren’t as many for Android, as this is a fresh market for hackers to wreak havoc on.

So what can you do? Well, first and foremost, shut your tablet off and get yourself to a technician to have a look. In some cases you may be looking at a complete wipe and reload of your Android device; in other cases you may not be so unfortunate. If you haven’t gotten it yet, be sure to take precautionary measures like backing up your data, syncing your pictures/music/videos to the cloud, and avoiding websites you haven’t been to before.

Once you are infected there may be no going back, but don’t let it get to you; it happens to the best of us. Again, the best thing you can do for yourself is get your device to a virus removal specialist and see what they can do for you. Keep your eyes peeled; as time goes on, it’s only going to get worse.
